package com.kx;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import com.kx.realm.CustomMD5Realm;

import java.util.Arrays;

public class TestCustomMD5RealmAuthenticator {
    public static void main(String[] args) {
        //创建安全管理器
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        //注入realm
//        securityManager.setRealm(new CustomMD5Realm());
        CustomMD5Realm realm = new CustomMD5Realm();
        //设置realm使用hash凭证匹配器
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        //声明算法
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //方式三需要声明的散列次数
        hashedCredentialsMatcher.setHashIterations(1024);
        realm.setCredentialsMatcher(hashedCredentialsMatcher);
        securityManager.setRealm(realm);
        //将安全管理器注入安全工具
        SecurityUtils.setSecurityManager(securityManager);
        //通过安全工具类获取subject
        Subject subject = SecurityUtils.getSubject();
        //认证
        UsernamePasswordToken token = new UsernamePasswordToken("kx", "123");
        try {
            subject.login(token);
            System.out.println("登陆成功");
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("用户名错误！");
        } catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            System.out.println("密码错误！");
        } catch (Exception e) {
            e.printStackTrace();
        }
        //授权
        if (subject.isAuthenticated()) {
            //1、基于角色权限控制
            System.out.println("单角色权限控制" + subject.hasRole("admin"));
            //2、基于多角色权限控制
            System.out.println("多角色权限控制" + subject.hasAllRoles(Arrays.asList("admin", "user")));
            //3、是否具有其中一个角色
            boolean[] booleans = subject.hasRoles(Arrays.asList("admin", "user", "super"));
            for (boolean aBoolean : booleans) {
                System.out.println(aBoolean);
            }
            System.out.println("——————————————————————————————————————");
            //基于权限字符串得访问控制 资源标识符：操作：资源类型
            System.out.println("权限：" + subject.isPermitted("user:*:*"));
            System.out.println("权限：" + subject.isPermitted("user:*:01"));
            System.out.println("权限：" + subject.isPermitted("user:create:01"));

            System.out.println("权限：" + subject.isPermitted("product:create"));
            System.out.println("权限：" + subject.isPermitted("product:update"));
            System.out.println("权限：" + subject.isPermitted("product:create:02"));
            System.out.println("——————————————————————————————————————————");
            //分别具有哪些权限
            boolean[] permitted = subject.isPermitted("user:*:01", "order:*:01");
            for (boolean aBoolean : permitted) {
                System.out.println(aBoolean);
            }
            System.out.println("————————————————————————————————————");
            //同时具有哪些权限
//            boolean permittedAll = subject.isPermittedAll("user:*:01", "product:create:01");
            boolean permittedAll = subject.isPermittedAll("user:*:01", "product:create");
            System.out.println(permittedAll);
        }

    }
}
